MTN Group has confirmed that the cyberattack it reported last week wasn’t just a glitch; it involved customer data and came with a demand from the hackers.
While the company hasn’t said exactly which countries were affected, MTN Ghana revealed that approximately 5,700 customers may have been impacted, prompting Ghana’s Data Protection Commission to launch an investigation.
Besides, the fact that South Africa’s Information Regulator was notified suggests that users in its home country were hit. But the Group is yet to state whether any customer was affected in the home country or in any other country apart from Ghana.
The company says the info accessed was mostly basic stuff — names, surnames, and mobile numbers — but investigations are still ongoing. What’s clear is that the attackers made some kind of demand, though MTN hasn’t said what it was or how much they want.
Because the investigation is still active, MTN says it can’t share too many details right now. But if you’re one of the affected users, you’ll be getting a more detailed notice soon, in line with the law.
Cyberattacks on telecoms companies are becoming way too common. Just earlier this year, Cell C was hit with a ransomware attack, and in Namibia, Telecom Namibia lost over 600GB of customer data in a similar breach. In fact, South Africa’s telecoms sector now sees over 1,000 cyberattacks each week, according to Check Point.
Even though MTN says no major systems like billing or mobile wallets were compromised, experts warn that even just names and numbers can be dangerous. Hackers can use that info for phishing or identity theft, like tricking users into sharing banking logins or one-time passwords.
Indeed, since the hack became public, some key MTN customers, including the Chief Executive or a leading microinsurance company have had fraudsters target them. In one of the cases, the fraudster already knew the CEO had four accounts with a particular bank, what types of accounts they are and all the account numbers.
MTN is urging customers to stay alert: update your apps, use strong and unique passwords, and don’t click on shady links or answer sketchy calls. As more Africans go mobile, with mobile phone users expected to hit 751 million by 2030, telecoms companies are becoming prime targets for cybercriminals.
